CVE-2012-0754 Adobe Flash Player MP4 Overflow Metasploit Demo

Timeline :

Vulnerability found by Alexander Gavrun from ZDI
Vulnerability reported to the vendor by ZDI the 2012-01-12
Coordinated public release of the vulnerability the 2012-02-15
Vulnerability found exploited in the wild by contagio the 2012-03-02
Metasploit PoC provided the 2012-03-07

PoC provided by :

Reference(s) :

Affected version(s) :

Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x

Tested on Windows XP Pro SP3 with :

Adobe Flash Player 11.1.102.55
Internet Explorer 8

Description :

This module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the “Iran’s Oil and Nuclear Situation.doc” e-mail attack.